package io.renren.modules.sys.controller;

import com.github.pagehelper.PageInfo;
import io.renren.common.annotation.SysLog;
import io.renren.common.pojo.R;
import io.renren.common.util.Constant;
import io.renren.common.validator.Assert;
import io.renren.common.validator.ValidatorUtils;
import io.renren.common.validator.group.AddGroup;
import io.renren.common.validator.group.UpdateGroup;
import io.renren.modules.sys.entity.SysUserEntity;
import io.renren.modules.sys.pojo.SysUserQuery;
import io.renren.modules.sys.pojo.SysUserRoleDTO;
import io.renren.modules.sys.service.SysUserRoleService;
import io.renren.modules.sys.service.SysUserService;
import io.swagger.annotations.Api;
import io.swagger.annotations.ApiOperation;
import io.swagger.annotations.ApiParam;
import org.apache.commons.lang3.ArrayUtils;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.web.bind.annotation.*;

import java.util.List;

/**
 * 系统用户
 * 
 * @author chenshun
 * @email sunlightcs@gmail.com
 * @date 2016年10月31日 上午10:40:10
 */
@RestController
@RequestMapping("/sys/user")
@Api(description = "管理员管理接口")
public class SysUserController extends BaseSysController {
	@Autowired
	private SysUserService sysUserService;
	@Autowired
	private SysUserRoleService sysUserRoleService;
	
	/**
	 * 所有用户列表
	 */
	@GetMapping("/list")
	@PreAuthorize("hasAuthority('sys:user:list')")
	@ApiOperation("获取管理员列表")
	public R<PageInfo<SysUserEntity>> list(SysUserQuery query){
		//只有超级管理员，才能查看所有管理员列表
		if(getUserId() != Constant.SUPER_ADMIN){
			query.setCreateUserId(getUserId());
		}

		PageInfo<SysUserEntity> pageInfo = sysUserService.queryPage(query);
		return R.ok(pageInfo);
	}
	
	/**
	 * 获取登录的用户信息
	 */
	@GetMapping("/info")
	@ApiOperation("获取当前管理员信息")
	public R<SysUserEntity> info(){
		return R.ok(getUser());
	}
	
	/**
	 * 修改登录用户密码
	 */
	@SysLog("修改密码")
	@PatchMapping("/password")
	@ApiOperation("修改密码")
	public R password(@ApiParam("旧密码") @RequestParam String password,
					  @ApiParam("新密码") @RequestParam String newPassword){
		Assert.isBlank(newPassword, "新密码不为能空");
				
		//更新密码
		sysUserService.updatePassword(getUser(), password, newPassword);
		
		return R.ok();
	}
	
	/**
	 * 用户信息
	 */
	@GetMapping("/info/{userId}")
	@PreAuthorize("hasAuthority('sys:user:info')")
	@ApiOperation("获取管理员信息")
	public R<SysUserRoleDTO> info(@ApiParam("用户ID") @PathVariable("userId") Long userId){
		SysUserRoleDTO dto = new SysUserRoleDTO();

		SysUserEntity user = sysUserService.queryObject(userId);
		dto.setUser(user);
		
		//获取用户所属的角色列表
		List<Long> roleIdList = sysUserRoleService.queryRoleIdList(userId);
		dto.setRoleIdList(roleIdList);
		
		return R.ok(dto);
	}
	
	/**
	 * 保存用户
	 */
	@SysLog("保存用户")
	@PostMapping("/")
	@PreAuthorize("hasAuthority('sys:user:save')")
	@ApiOperation("保存用户")
	public R save(@ApiParam("管理员对象") @RequestBody SysUserRoleDTO user){
		ValidatorUtils.validateEntity(user, AddGroup.class);
		
		user.setCreateUserId(getUserId());
		sysUserService.save(user);
		
		return R.ok();
	}
	
	/**
	 * 修改用户
	 */
	@SysLog("修改用户")
	@PutMapping("/")
	@PreAuthorize("hasAuthority('sys:user:update')")
	@ApiOperation("修改用户")
	public R update(@ApiParam("管理员对象") @RequestBody SysUserRoleDTO user){
		ValidatorUtils.validateEntity(user, UpdateGroup.class);
		
		user.setCreateUserId(getUserId());
		sysUserService.update(user);
		
		return R.ok();
	}
	
	/**
	 * 删除用户
	 */
	@SysLog("删除用户")
	@DeleteMapping("/")
	@PreAuthorize("hasAuthority('sys:user:delete')")
	@ApiOperation("删除用户")
	public R delete(@ApiParam("用户ID列表") @RequestBody Long[] userIds){
		if(ArrayUtils.contains(userIds, 1L)){
			return R.error("系统管理员不能删除");
		}
		
		if(ArrayUtils.contains(userIds, getUserId())){
			return R.error("当前用户不能删除");
		}
		
		sysUserService.deleteBatch(userIds);
		
		return R.ok();
	}
}
